Hardware encryption bypass on MX100, MX200 and MX300 SSDs

JEDEC Jedi

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs

@Crucial_Benny I think the query is about the even older drives that pre-date the MX series.  The M500 as opposed to the MX500. Smiley Happy

JEDEC Jedi

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs

Yes, it's about M500 and M550...

Crucial Employee

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs

The M500 and M550 are not effected by this issue in any way, only the MX100, MX200, and MX300 are. Firmware updates that address the issue were already released for the MX100 and MX200 in May, MX300 update is still pending.

Highlighted
JEDEC Jedi

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs

Thanks for clarifying that Smiley Happy

Kilobyte Kid

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs


@Crucial_Benny wrote:

The M500 and M550 are not effected by this issue in any way, only the MX100, MX200, and MX300 are.

Firmware updates that address the issue were already released for the MX100 and MX200 in May, MX300 update is still pending.


Maybe because only MX100, MX200 and MX300 got tested by the researchers?

So other SSDs could still have security issues... 

 

One question unfortunately is still unanswered:

Is the DEK now linked to the user passphrase, like it should be implemented in the right way?

Or does the firmware update just disable the JTAG interface, like a previous post suggested?

Lee
Kilobyte Kid

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs

@Crucial_Benny wrote:

The M500 and M550 are not effected by this issue in any way, only the MX100, MX200, and MX300 are.

Firmware updates that address the issue were already released for the MX100 and MX200 in May, MX300 update is still pending.

 

@BerndLauert wrote:

One question unfortunately is still unanswered:

Is the DEK now linked to the user passphrase, like it should be implemented in the right way?

Or does the firmware update just disable the JTAG interface, like a previous post suggested?

 

I am curious to and i think many others?

Kilobyte Kid

Re: Hardware encryption bypass on MX100, MX200 and MX300 SSDs

I still have some hope Crucial engineers will to the right thing for MX100/MX200 users when they are done with MX300 and fix the MX100/MX200 properly instead of only disabling jtag.

 

Sorry for any mistakes. English is not my native language